Operation Ironside, a global operation led by the FBI and the Australian Federal Police (AFP), came to a resolution in June 2021. Across Australia, 4,000 police executed search warrants and made arrests, capping a two-year investigation which was undoubtedly the most significant in Australian law enforcement history. Ironside struck a substantial blow against the criminal network of the Comancheros Outlaw Motorcycle Gang (OMCG) and its Istanbul-based associate, Hakan Ayik, a fugitive since 2012. It seems Ayik may have unwittingly engineered the network’s downfall, by influencing his associates to adopt an encrypted communications app called AnOm. AnOm operated on modified cellphones over a secure network which was ostensibly beyond the reach of interception. In fact, the Australian Federal Police (AFP) had been intercepting all AnOm communications since 2018, after acquiring control of the app from its developer. Over the course of the investigation, authorities intercepted multiple large-scale drug shipments and intervened to prevent a contract killing. Rather than struggling to find evidence of criminal conspiracies, police were overwhelmed with it. One trigger for wrapping up Ironside was the operational fatigue of investigation teams working around the clock for months.
The AFP commissioner described Ironside as “a criminal takedown like we have never seen.” The immediate results in Australia were AUD $45 million in cash and four tonnes of drugs seized, and over 200 arrests. Over time, Ironside’s impact will be felt more broadly, across organised crime and the law enforcement community.
Interception of encrypted communications
AnOm was the latest in a series of encrypted communications platforms adopted by organised crime groups. These platforms are attractive because they placed criminal groups with the resources to deploy them beyond the reach of traditional interception. This meant that law enforcement efforts shifted to penetrating these platforms, compromising the administrators and shutting down the network. The Blackberry-based Phantom Secure system was shut down in 2018, and its CEO charged with racketeering. In early 2021, a global operation similar to the AnOm investigation brought down another Canadian provider, Sky Global. These operations had the effect of pushing organised crime groups towards AnOm, which was believed to be more secure.
Australian agencies have had the means to pursue this kind of interception since the 2018 passage of amendments to the Telecommunications Act 1997 which enhanced the ability of law enforcement to intercept communications and covertly access devices. This is understood to be one of the reasons why the one of the reasons why the AFP-FBI partnership was so effective. Now that these methods have secured arrests, they will be tested in court. There was intricate police work in obtaining warrants, collecting and storing communications and matching communications devices to individuals. The evidence presented will be complex, and every element of it will be subject to legal challenge. It is hard to see any such challenges resulting in the wholesale invalidation of Ironside’s methods. If disruption of organised crime is a policy goal, policing agencies need effective tools in order to do so. Ironside is a setback for organised crime groups in their ongoing struggle to conceal their communications from discovery. It is certain that the criminals smart or lucky enough to avoid arrest this time will learn from it.
Organised crime networks and their tools
Ayik and his associates will no doubt reflect on how vulnerable their reliance on AnOm made them. The cartel of which Ayik is a member controls drug supply into Australia worth an estimated AUD $1.5 billion annually. The covert human source who handed over AnOm to the FBI was paid a total of USD $169 thousand, a sum that would purchase 1-2 kilograms of cocaine at Australian prices. To place a billion-dollar illicit drug market at risk for the cost of two kilos of product indicates a major flaw in the operating model. We can expect the stunning success of Ironside to remove any traces of criminal complacency about the risk profile of encrypted communications.
One impact of Ironside may be that the transnational criminal groups operating in Australia are less inclined to do business with domestic OMCG networks. The physical presence of the OMCGs makes them key players in the distribution of illicit drugs in Australia, but there are others. The bulk of amphetamine-type substances imported into Australia comes from China, and Chinese groups have sophisticated methods for laundering the proceeds of drug sales and moving them internationally. Mexican drug cartels have been directly involved in supplying prohibited drugs to Australia for some years, and are known for their determination to avoid interception; in Mexico they have built their own two-way radio networks to assist their operations. In the wake of Ironside, some of these groups may be in a position to expand their activities in Australia. Ironside presented a unique opportunity in that the creator of the app was accessible to the FBI. An encrypted network controlled and operated from Mexico or mainland China would be a different proposition.
Organised crime intelligence and investigation
AnOm users communicated openly on the app, discussing importation and concealment methods and even sharing images of drug consignments. Intelligence collected will help law enforcement build a more comprehensive picture of drug importation and distribution methods. AnOm users were dispersed across Europe, the United States and Asia, providing investigators with a centralised view of a global drug network rather than a glimpse from the margins. How can this intelligence best be used?
Some attention should be given to the financial aspect of Ironside networks; how the groups laundered the proceeds of drug sales. We know that Australian drug syndicates commonly outsource money laundering to Asian money laundering organisations that use existing underground banking systems to move money between Australia and other countries. This outsourcing has made it challenging to prove the requisite knowledge of predicate crime to ground the most serious money laundering charges. The Financial Action Task Force (FATF) noted as much in 2015, observing that Australia’s production of financial intelligence outstripped its ability to charge and convict money launderers. Part of the problem is that the way drug syndicates and money laundering organisations intersect is not well understood. Unless Ironside targets were exceptionally disciplined in their communications, there will be valuable financial intelligence in the trove of intercepted messages, and law enforcement should seek to make use of it. Even if the money concerned has moved offshore, the intelligence can be used to identify and disrupt criminal networks in the future, ensuring that Ironside’s benefits endure.
A key lesson from Ironside is that targeting key facilitators of organised crime is a strategy that pays off. AnOm’s developer was not at the top level of drug supply, but he managed a service depended upon by those who were. In financial crime, there are facilitators who play a similar role. They may be solicitors, accountants, real estate agents or financial service providers. Some of these facilitators become central nodes in a criminal marketplace, connecting otherwise unrelated entities through the services they provide. They may, like the Phantom Secure CEO, cross a threshold of knowledge to become co-conspirators in a criminal enterprise. Transnational crime groups cannot co-ordinate drug transactions and launder the proceeds without help from providers of technology and financial services. Ironside shows that by focusing on a service relied on by a criminal network, investigators can surround that network and disrupt it.
Ben Scott works in financial crime compliance in an Australian bank, where he leads an intelligence team. He spent eight years as a financial intelligence analyst at the New South Wales Crime Commission, an Australian state government agency specialising in asset confiscation and investigation of serious organised crime. He has degrees in history and law.
The views expressed in this article are those of the author and do not necessarily reflect the views of RUSI or any other institution.